If you answered "CAPTCHA", congratulations - you're made out of carbon!

Because of this, it's unlikely you will robotically buy up reams of tickets and sell them at vicious markups, and therefore, Ticketmaster, the world's largest online ticket retailer, will be happy to sell to you.

Now, though, Ticketmaster is going to sell tickets without torturing your eyeballs with the use of CAPTCHA.

According to the BBC, Ticketmaster has dumped the reviled challenge-response test and put in its place software created by Solve Media, which achieves the same robot-screening ends by asking for well-known phrases, descriptions of brands, or with simple multiple-choice questions.

CAPTCHA came out of Carnegie Mellon University and stands for "Completely Automated Public Turing test to tell Computers and Humans Apart".

The tests are designed to be hard for robots, easy for humans.

They typically consist of typing letters and/or digits from a distorted image. Or messages, as noted, to go pleasure yourself. Or, then again, mathematical problems that make your brain bleed.

Lord Teapot, a commenter on the BBC story, said that he or she finds these tests so distasteful, he or she gives up and buys from another site after the first failed attempt:

Lord Teapot
30TH JANUARY 2013 - 15:57
I will generally attempt a CAPTCHA once. After that I seek another site to purchase/view/etc the material I was seeking. Some of the CAPTCHA images are essentially illegible, tend to contain multiple characters that seem to be fused together into unrecognizable masses, and other nonsense that makes the entire scheme a complete [hassle]. Find a legitimate way to ID humans, or we find other sites.

Revenue-harming disgust caused Ticketmaster to rethink the use of CAPTCHA.

According to the company's executive vice president of e-commerce, Kip Levin, preliminary trials show customer satisfaction is ticking up, and security hasn't suffered.

He told the BBC:

"We're starting to see an uptick in fan satisfaction."

"We're happy with what we've seen from a security standpoint as well."

Levin also told the BBC that the new system has halved the time users take to puzzle out an answer: average time to solve a CAPTCHA puzzle was 14 seconds, while the new system took users an average of 7 seconds.

As far as security goes, it's time for us to find a better method. Back in 2008, spammers were achieving a CAPTCHA success rate of 30% to 35% for Microsoft's Live Mail service and a success rate of 20% against Gmail.

But, as Sophos's Graham Cluley noted this past fall, nowadays, spammers are simply outsourcing the cracking of CAPTCHAs to impoverished workers in the third-world, to whom they pay a pittance for completing thousands of puzzles each day.

And there's no reason to believe that such a technique won't work just as well against Ticketmaster's new system.

12 Responses to Ticketmaster says goodbye to CAPTCHA

Ticketmaster is trying to get a publicity boost out of this by even suggesting it's done to please their users. The BBC fails to see through this, even though they had reported that Ticketmaster admitted that 1/5 of their sales in 2011 went to botnets.

So the real story: Ticketmaster's CAPTCHAs were insecure for all of 2011, and in early 2013 they finally tried something else.

How does it validate the "describe this brand with any word(s)"? I've just tried it on their site, and it seems to accept any description. If that's the case, it wouldn't be too hard for a robot to bypass it.

Thank God for that. Hopefully others will follow.
Normally they are not as clear as your example above. Many times I have just moved away from a page and done business elsewhere because of these annoying doodles.

Glad these nonsense checks are going away, often can't read them.
But the alternative has to use options that people know about and can recognise well enough to give a short description. For example, it's no use using a business that may be well known in Bolivia but nowhere else! Plus there must be an allowance made for the way businesses differ between countries as the regulatory regime may well be different.
So what businesses are known to everyone in every country? Very few I wager.

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.